DR-005: Release strategy #2400
DR-005: Release strategy #2400
Conversation
olivembo
requested review from
AlexanderLanin and
dcalavrezo-qorix
as code owners
|
|
||
| ### 3.1 Trunk-Based Development with SemVer | ||
|
|
||
| Assumes continuous deployment on a longlived branch, e.g. `main` and does not define coordinated product releases. |
There was a problem hiding this comment.
This describes "trunk-based" with "does not define coordinated product releases". This implies that either
- This is not valid option as it does not achieve the goals. It should not even be considered but removed from this decision record.
- This option needs to describe how coordinate product releases given trunk-based development. The description must be extended accordingly.
There was a problem hiding this comment.
I will adapt the document according to 2.
|
|
||
| ### 3.2 Gitflow Across Repositories | ||
|
|
||
| Introduces coordinated release branching across repositories but lacks a central integration manifest. |
There was a problem hiding this comment.
How does "coordinated release branching across repositories" work? This option is not described sufficiently.
There was a problem hiding this comment.
Will describe in further detail
| - Working on a release branch should be always possible and not harm the development on the main branch (resp. Vice versa) | ||
| - Working on a bugfix should always be possible (for any old release) | ||
| - Module developers must know how to name their released versions | ||
| - It must be clear how to do the integration, means what to reference (e.g. „extended“ semver as 1.2.3-etas-r1.0) |
There was a problem hiding this comment.
Option 3.3 lists "integration governance" as a Con. However, some people would consider that lack of a such governance as undesirable lack of control.
Add "minimal integration governance" as a goal to document our assumption that we want that.
There was a problem hiding this comment.
Will add this point to the goals section
|
|
||
| ## 4. Decision | ||
|
|
||
| We decided for **Option 3.3**. |
There was a problem hiding this comment.
As of now this decision record is pointless. It puts up two strawmen options (3.1 and 3.2) and dismisses them for not achieving the goals. If there is only a single valid option, then there is no decision to be made.
|
|
||
| --- | ||
|
|
||
| ## 2. Goals and Requirements |
There was a problem hiding this comment.
Can we distinguish between requirements (which must be satisfied) and optimization goals (where we try to find the best option)?
There is no point in invest time looking into option which don't satisfy requirements. Also, goals are usually few and that simplifies the decision evaluation.
There was a problem hiding this comment.
This would be helpful. The amount of strict requirements are probably much lower than the goals.
Co-authored-by: Andreas Zwinkau <95761648+a-zw@users.noreply.github.com> Signed-off-by: Oliver Emrich <oliver.emrich2@bosch.com>
Co-authored-by: Andreas Zwinkau <95761648+a-zw@users.noreply.github.com> Signed-off-by: Oliver Emrich <oliver.emrich2@bosch.com>
|
The created documentation from the pull request is available at: docu-html |
| - Continuous integration before formal releases | ||
| - Independent module lifecycles without blocking development | ||
| - A process that scales across many repositories and teams | ||
| - Working on the main branch should be always possible |
There was a problem hiding this comment.
What does "working on the main branch" mean here? I understand the main branch like this: "latest and greatest, always in a working state". That means you cannot actually "work on" the main branch: you must always branch off, then work, make sure the work is "fully done", integrate.
I would also use e.g. "codeline" instead of "branch", and define codeline as "The set of branches of the same name across all S-CORE repositories.". If useful, one can go more into details and write "Each of the branches of a codeline must have been created from the same head branch, in a state consistent with a head codeline."
There was a problem hiding this comment.
The point is that module devs should be able to push new features on their module main branch while the integration is still busy integrating an older version. No announcements like "only merge bugfixes until the 0.5 release final is done".
In other words, it implies that modules must have some kind of release branches for hotfixes.
There was a problem hiding this comment.
OK so the "normal codefreeze concept", right?
"On the 31st January, 15:00 we will cut the release branches for 1.0.0" --> on all modules, of course. Release branch creation takes a minute, and just after that everyone can continue to work on the mainline.
|
|
||
| --- | ||
|
|
||
| ## 2. Goals and Requirements |
There was a problem hiding this comment.
This would be helpful. The amount of strict requirements are probably much lower than the goals.
| commit id: "1.2.3-r1.0" | ||
|
|
||
| checkout main | ||
| branch bugfix |
There was a problem hiding this comment.
I think this is likely not correct. You need to create a support branch for 1.2.x, which starts at 1.2.0, where you can create 1.2.1, 1.2.2, 1.2.3, 1. 1.2.4 etc. from. These cannot come from a main line, where development for 1.3.x (or even 2.x.x) continues. The patch releases are by defintion only bugfix releases and cannot contain new features.
(This assumes that on main you continue with new features, i.e. minor updates in the sense of SemVer)
I think GitFlow actually does a good job to capture all of this (main, release, support, bugix, how to connect branches to SemVer).
There was a problem hiding this comment.
The problems with SemVer are described here: https://beza1e1.tuxen.de/patching_old_versions.html
Do you agree with the limitations described in there?
There was a problem hiding this comment.
Yes, sure - but that description is purely about "What to do if you need to do a breaking change to an old version?" - so strictly about major versions.
Why would you do a breaking change to an already released major version? You can fix bugs, you can add compatible features, but breaking change simply means: new major version. And you cannot break an existing major release. I think we've picked the development model that is described below "Instead I want to hint at a solution on a higher level." in the text?
There was a problem hiding this comment.
(Just to be clear: I do not see SemVer religiously as the secret sauce that solves everything 😄 - for example, when distributions come into play and distributors are patching / backporting / ... it stops working and gets really messy. Cf. the "versioning scheme" of Debian, which is more or less a collection of necessities created over years of experience...
However, S-CORE is (here, during regular development at least!) not a distribution, right?)
| - Provides release branches for stabilization. | ||
|
|
||
| **Cons**: | ||
| - Requires coordination of release branches across all repositories. |
There was a problem hiding this comment.
I don't get this point: the branching model simply deals with a single repository. If you want to enhance it for a multi-repo, you have to do something in addition. I do not see this as a drawback really... a branching model alone can never do this. You need something like the reference_integration, with its lockfile method (this json file we create is nothing else).
| **Cons**: | ||
| - Requires coordination of release branches across all repositories. | ||
| - Lacks a single source of truth for integration state. | ||
| - Does not scale well with increasing module count. |
There was a problem hiding this comment.
Again, this is comparing apples and oranges...
| merge bugfix | ||
| ``` | ||
| > *Explaination:* Using SemVer quickly reaches its limits. | ||
| If branching off from a version e.g. 1.2.3 and needing a bugfix while the development on main goes on where other versions e.g. 1.2.4 are created, now on a release branch you would need to use the version 1.2.5. The development on main for the next version needs to use 1.2.6 although the logical predecessor is 1.2.4. This violates SemVer since backward compatibility in that case is (or could be) broken. |
There was a problem hiding this comment.
As stated above I think this is not correct. SemVer has no issues with this, but the connection to the branching model must be done correctly.
|
|
||
| ### 3.3 Polyrepo Release Process with Manifest Repository and relaxed version of SemVer | ||
|
|
||
| As described in [DR-002 (Integration Testing in a Distributed Monolith)](./DR-002-infra.md) there is a dedicated manifest repository containing the "known goods sets". There is a known good set for the latest version, but also known good sets for release(d) versions. Because of the earlier described limitations of SemVer, the correct module versions should not be referenced in the `MODULE.bazel` (in the manifest repository) as e.g., `1.2.3` but either by referencing the git commit hash directly or using a relaxed SemVer string, e.g. as `1.2.3-v1.0` where the string after the hyphen represents the respective S-CORE release. |
There was a problem hiding this comment.
I do not agree here. We can simply cut a release branch of all modules, which "captures" a minor version of the module (i.e. all 1.1.x versions). The versions 1.1.0, 1.1.1 etc are the "line of module versions agreed for a specific S-CORE release". S-CORE-bugfix releases then take bugfix releases of the modules. etc.
|
|
||
| As described in [DR-002 (Integration Testing in a Distributed Monolith)](./DR-002-infra.md) there is a dedicated manifest repository containing the "known goods sets". There is a known good set for the latest version, but also known good sets for release(d) versions. Because of the earlier described limitations of SemVer, the correct module versions should not be referenced in the `MODULE.bazel` (in the manifest repository) as e.g., `1.2.3` but either by referencing the git commit hash directly or using a relaxed SemVer string, e.g. as `1.2.3-v1.0` where the string after the hyphen represents the respective S-CORE release. | ||
|
|
||
| With that approach releases are possible, e.g. by creating a release branch in the integration repository as well as in the affected module repositories. Also bugfixes of "old" releases are possible by checking out the repective release branch in the reference integration and if necessary to also created bugfixes in the affected modules. |
There was a problem hiding this comment.
This is correct, but as outlined above it does not really require a "modified SemVer". The standard one would do :-)
| **Rationale** | ||
|
|
||
| This approach reflects established industry practice for large-scale polyrepo systems using | ||
| manifest-based integration and release trains (e.g. Android/AOSP, Chromium-style roll-ups), |
There was a problem hiding this comment.
In the end I agree with the conclusion: we need a manifest / lock file / call-it-what-you-want. But we do not need special branching methods or a new mapping to SemVer. The standard stuff does the job, when thinking about "codelines" (= sets of branches with same name/purpose) instead of "single-repository-branches".
|
|
||
| Option 3.1 (Trunk-Based Development Only) has been rejected because it does not address the need for coordinated product releases or explicit stabilization phases in a poly repo environment. | ||
|
|
||
| Option 3.2 (Gitflow Across Repositories) has been rejected because it requires coordinating release branches across all repositories and lacks a central integration manifest, which does not scale well. |
There was a problem hiding this comment.
With this I am a bit confused: of course we will need coordinated release branches across all repositories - simply for consistency reasons during stabilization. There is no way that a module introduces new features into a release when stabilization is already happening.
However, release branch cutting (i.e. "code freeze") is trivially scriptable, and a matter of 3 minutes across all repositories - given that you use a workspace like available via gitea on reference-integration. All you have to do is to announce "code freeze day & time" and fire the script. This is absolutely no problem if your mainline is always stable and integrates well. And this we have already outlined in DR-002.
|
Please rename to DR-006. I use DR-005 #2346 |
|
|
||
| As described in [DR-002 (Integration Testing in a Distributed Monolith)](./DR-002-infra.md) there is a dedicated manifest repository containing the "known goods sets". There is a known good set for the latest version, but also known good sets for release(d) versions. Because of the earlier described limitations of SemVer, the correct module versions should not be referenced in the `MODULE.bazel` (in the manifest repository) as e.g., `1.2.3` but either by referencing the git commit hash directly or using a relaxed SemVer string, e.g. as `1.2.3-v1.0` where the string after the hyphen represents the respective S-CORE release. | ||
|
|
||
| With that approach releases are possible, e.g. by creating a release branch in the integration repository as well as in the affected module repositories. Also bugfixes of "old" releases are possible by checking out the repective release branch in the reference integration and if necessary to also created bugfixes in the affected modules. |
There was a problem hiding this comment.
| With that approach releases are possible, e.g. by creating a release branch in the integration repository as well as in the affected module repositories. Also bugfixes of "old" releases are possible by checking out the repective release branch in the reference integration and if necessary to also created bugfixes in the affected modules. | |
| With that approach releases are possible, e.g. by creating a release branch in the integration repository as well as in the affected module repositories. Also bugfixes of "old" releases are possible by checking out the respective release branch in the reference integration and if necessary to also created bugfixes in the affected modules. |
| - Clear separation between development, integration, and stabilization. | ||
|
|
||
| **Cons**: | ||
| <<<<<<< HEAD |
There was a problem hiding this comment.
| <<<<<<< HEAD |
Unresolved merge conflict.
7 participants
Establish a polyrepo release process with a manifest repository and relaxed SemVer for coordinated product releases.